Composite public cloud, method and system

ABSTRACT

A composite public cloud enables an automated marketplace system for, selling and trading of computational resources by aggregating available compute resources so that buyers are automatically matched with sellers. A listing of compute resources available on a prospective seller&#39;s system and bids by prospective buyers for resources offered is maintained. A seller uses a series of attributes to characterize an available resource for prospective buyers. Compute resources are presented in a form which can be easily quantified or compartmentalized. Prospective buyers search the marketplace system based on desired resource criteria. The marketplace continually evaluates the attributes of resources available for sale and the desired criteria of prospective buyers. The system attempts to match buyers and sellers, optimizing for the needs of both parties. If a desirable match is found, the marketplace system facilitates a transaction between both parties, making the purchased resource available to the buyer.

CROSS REFERENCE TO RELATED APPLICATIONS

This application is a Continuation of U.S. application Ser. No.13/466,685, filed 8 May 2012, which claims priority to U.S. ProvisionalApplication No. 61/484,178, filed 9 May 2011, each of which isincorporated herein in its entirety by this reference thereto.

BACKGROUND DISCUSSION

1. Technical Field

Generally, the invention relates to cloud computing. More particularly,the invention relates to a method and system for creating a compositepublic cloud.

2. Description of Related Technology

Recently, a model for delivering hosted services over the Internet asemerged that has come to be known as “cloud computing”. The term “cloudcomputing” flows naturally from the cloud symbol that is often used torepresent the Internet or other network in various diagrams. The hostedservices fall into a handful of categories, for example:Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS) andSoftware-as-a-Service (SaaS).

Cloud computing has several characteristics that distinguish it fromtraditional hosting. It is available on demand, often by the minute orthe hour, for example. A user can have as much or as little of a serviceas they need or want at a time. Additionally, the service is managed bythe provider. Cloud computing owes its development to advances invirtualization and distributed computing, coupled with continuallyincreasing opportunities for high-speed Internet access.

In general, there exist public and private clouds, with the publicclouds making computational resources available to all comers. Incontrast, a private cloud is usually privately-owned and run and servesa limited population of users, for example the employees of a largecorporation that owns the compute infrastructure. Additionally, virtualprivate clouds can be created from public cloud resources.

Infrastructure as a service is a way of taking individual physicalservers and virtualizing them in such a way that one may have, forexample, a thousand physical servers, upon which virtualization softwaremay be overlaid. The virtualization application can, in its turn,present those thousand physical servers as, for example, 10,000 virtualservers. Within these virtual servers one can then run his or hercorresponding enterprise applications. Thus, virtualizing previouslyphysical resources is known as infrastructure service.

SUMMARY

A composite public cloud enables an automated marketplace system forbuying, selling and trading of computational resources by aggregatingavailable compute resources so that buyers are automatically matchedwith sellers. A listing of compute resources available on a prospectiveseller's system and bids by prospective buyers for resources offered ismaintained. A seller uses a series of attributes to characterize anavailable resource for prospective buyers. Compute resources arepresented in a form which can be easily quantified or compartmentalized.Prospective buyers search the marketplace system based on desiredresource criteria. The marketplace continually evaluates the attributesof resources available for sale and the desired criteria of prospectivebuyers. The system attempts to match buyers and sellers, optimizing forthe needs of both parties. If a desirable match is found, themarketplace system facilitates a transaction between both parties,making the purchased resource available to the buyer.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 provides a schematic diagram of a logical private cloudaggregation;

FIG. 2 provides a diagram of a private cloud aggregation platform

FIG. 3 provides a hardware diagram of an exemplary availability zone;

FIG. 4 provides an architecture diagram of an availability zone;

FIG. 5 provides a screenshot of a first view of a user dashboard;

FIG. 6 provides a screenshot of a second view of a user dashboard; and

FIG. 7 provides a diagram of a machine in the exemplary form of acomputer platform within which a set of instructions, for causing themachine to perform any one of the methodologies discussed herein below,may be executed.

DETAILED DESCRIPTION

A composite public cloud enables an automated marketplace system for,selling and trading of computational resources by aggregating availablecompute resources so that buyers are automatically matched with sellers.A listing of compute resources available on a prospective seller'ssystem and bids by prospective buyers for resources offered ismaintained. A seller uses a series of attributes to characterize anavailable resource for prospective buyers. Compute resources arepresented in a form which can be easily quantified or compartmentalized.Prospective buyers search the marketplace system based on desiredresource criteria. The marketplace continually evaluates the attributesof resources available for sale and the desired criteria of prospectivebuyers. The system attempts to match buyers and sellers, optimizing forthe needs of both parties. If a desirable match is found, themarketplace system facilitates a transaction between both parties,making the purchased resource available to the buyer.

Managed Private Cloud

In an embodiment, the marketplace described above presupposes a reliableinventory of compute to offer for sale in the marketplace. In anembodiment, the inventory is the compute and the storage and everythingelse that's part of the cloud. If the compute is to be offered in themarketplace as a commodity, the supply must be reliable and the qualitygood. In an embodiment, the solution to the problem of obtaining anadequate inventory of acceptable quality is to offer only compute thathas been managed and operated by the provider.

Conventional cloud computing is based on the public cloud model,described in greater detail herein below, wherein subscriber's orclients purchase compute from services providers that provide expansivepublic networks. While the conventional public cloud model readily makescompute available to parties who have none or who are in need of morecompute than they have the resources for, and provides the additionaladvantage of providing full management of the subscribed, it has thedistinct disadvantage of being quite costly. In fact, an organizationcan install and manage its own data center for a fraction of the cost ofthe same compute capacity purchased from a cloud computing provider.Unfortunately, the organization is then faced with the formidable burdenof managing its own private cloud. Thus, there exists a great need inthe art for a solution to the problem posed by the expense of publiccloud providers and the burden of managing a private cloud.

In an embodiment, a service provider contracts with organizations orparties having physical servers in data centers to design and implementprivate clouds in their data centers that are then fully managed by theservice provider. Additionally, the service provider sets up an IaaS(infrastructure as a service) offering in the data center. Thus, theorganization is able to dedicate a portion of its compute to publictenants, in effect creating a public cloud that can then be aggregatedwith the same type of public compute from other parties into a CompositePublic Cloud, as described herein below. Therefore, by leasing a portionof its compute to public tenants through the Composite Public Cloud, theorganization is able to convert a traditional cost center into a profitcenter. In addition, the cost to maintain its own private cloud is afraction of the cost to acquire equivalent compute from public cloudproviders. In an embodiment, the service may employ a subscriptionbusiness model, wherein clients may pay on a per-server basis for cloudmanagement from the service provider. It will be readily appreciatedthat other business models are equally suitable.

In review, the MANAGED PRIVATE CLOUD service provides:

-   -   Realization of benefits of large-scale private-cloud computing        while minimizing risks and costs;    -   Fully-managed dedicated private cloud;    -   24/7 monitoring;        -   Well-trained, readily-available support personnel;    -   Multitenant;    -   Rich UI and APIs based on OPENSTACK;    -   No licensing fees;    -   Nominal subscription fees; and    -   Open platform, no vendor lock-in.

In an embodiment, the various components of the managed private cloudare implemented via OPENSTACK open source cloud computing software. Inparticular, the virtualized networking is a function of an OPENSTACKproject known as NOVA NETWORKING, also OPENSTACK COMPUTE. NOVA is thesoftware that controls an Infrastructure as a Service (IaaS) cloudcomputing platform. NOVA does not include any virtualization software,but instead defines drivers that interact with underlying virtualizationmechanisms that run on a host operating system, and exposesfunctionality over a web API (application programming interface).Additionally, a self-service dashboard is a function of OPENSTACKDASHBOARD.

Marketplace/Composite Public Cloud

As above, managed private cloud clients may make their underutilizedcompute resources available for sale, in effect using a portion of theirprivate clouds to create public clouds, which as above, may beaggregated to form a Composite Public Cloud. Companies can come andpurchase resources like compute and storage, which resources areprovided by the managed private cloud customers, giving them anopportunity to leverage their excess resources and to generate a cashflow or a revenue stream from their private cloud. In an embodiment, theComposite Public Cloud is, in actuality, a virtualized cloud aggregatedfrom all these portions of these various private clouds.

In addition to reducing the client's cloud computing costs and providingan opportunity to generate cash flow from the data center, the abovemodel also solves the service provider's problem of sourcing computeinventory for the Composite Public Cloud. The inventory constitutes thecompute, the storage and everything else that is part of the cloud.

By sourcing compute inventory from its own managed-private-cloudclients, the service provider is assured of a steady inventory ofcompute of known quality. By supplying inventory of known quality thatthe provider has managed, the provider is able to provide a reliable,repeatable experience to customers purchasing compute through theComposite Private Cloud.

Compute Quality Management (Normalization and Standardization)

Essential to the creation of a vibrant compute resale marketplace,compute inventory must be created. To function as a commodity, computeinventory must be quantifiable, measurable and deterministic. By firstmanaging the compute seller's (Private) cloud, low-level measurement andquality constraints can be put in place. Private Cloud managementsoftware guarantees quality of service via network (QoS), computeorchestration and workload management. Performance data is continuallystreamed from the private cloud to the central market, so that computeconsumption can be further metered in the interest of performancecontrol.

Compute Segregation and Security

New sold inventory is segregated and encapsulated as to not present asecurity risk to the Private Cloud tenants or prior sold inventory.Compute containment occurs by means of packet inspection and filteringat all layers of the network stack.

Calculated Attributes of a Private Cloud

Compute resources have a series of associated attributes for the purposeof describing the quality of the resource available for sale. Amultitude of dynamically derived data will be continuously streamed tothe central Market Place control logic, which will include at least oneof:

-   -   Network (To/From Private Cloud, Between Private Clouds);    -   Latency;    -   Communication Quality;    -   Available Inventory;    -   Hypervisor CPU, Memory, Disk data;    -   Availability of Compute Peripherals (GPU, Hardware, Crypto); and    -   Cost.

Compute Inventory Management

-   -   Central Market Place control logic maps available inventory into        sellable lots of compute over time, either via Compute Unit        Hours (CUh) or through a series of multidimensional constructs        each containing CPU, Disk, Memory (i.e. a typical VM sizing)        over time. Compute over time will be treated as sellable “lots”.        A sellable lot will have at least one of the following        attributes:        -   Start of availability;        -   Grace Period;        -   Cost; and        -   Optional Minimal Duration.

Grace Period denotes the minimum amount of time the Private CloudProvider is required to give to the purchaser, in the event purchasedcompute must be terminated and reclaimed. Longer grace periods willlikely translate into higher market values. By default, all compute isconsidered perpetual (until terminated by either party);

In an embodiment, the Market Logic tracks all contracts (lot-sold timeto “delivery”) and the percentage of time a contract is deliveredwithout interruption (up to the grace period). This percentage is madeavailable to the compute lot purchaser as a measure of quality (so thatit can be considered alongside the asking price). Contract successpercentage also affects market price.

In an embodiment, the marketplace system maintains a listing of bothcompute resources available for sale on a prospective seller's systemand bid requests, by prospective buyers, for resources offered. In thisregard, the marketplace functions as a compute resource aggregator orintermediary.

Compute Commodity Exchange, Speculative Buying and Trading

In an embodiment, the contract holder can utilize a compute lot at“start of availability”, but prior to such time contracts can be boughtand sold freely. In an embodiment, the contacts are traded on a computecommodity exchange and may be freely bought and sold in speculativetransactions on the exchange.

Inventory Presentation Layer and VM Placement Semantics

-   -   A consumer-facing portal presents available inventory as a        “Public Cloud”;    -   Consumers may use the portal to both purchase contracts and        associated purchased contracts with Virtual Machines;    -   The Portal may cache Virtual Machines and ultimately place them        in the associated Private Cloud at the contract's “Start of        Availability”;    -   If a virtual machine is inadvertently terminated, market logic        attempts to buy a contract for equal or lesser cost and        duration, placing the last cached copy of the VM in the next        viable Private Cloud; and    -   VMs need not migrate between Private Clouds. In an embodiment,        the flow may be from the Central Market to the original contract        seller's cloud.

In an embodiment, prospective buyers may search the marketplace system,via automated or manual means, based on desired resource criteria. Themarketplace continually evaluates the attributes of resources availablefor sale and the desired criteria of prospective buyers. The systemattempts to match buyers and sellers, optimizing for the needs of bothparties. Assuming a desirable match is found, the marketplace systemfacilitates a transaction between both parties, ultimately making thepurchased resource available to the seller.

Turning now to FIG. 1, a schematic diagram of a logical private cloudaggregation 1000 is shown. In an embodiment, a Composite Public Cloud1002 is formed by aggregating excess compute from private clouds #1-N1008 a, 1008 b. As shown in FIG. 1, each of the private clouds comprisesat least one availability zone. Private cloud #1 1008 a includes privateavailability zones 1 and 2 1010 a, 1010 b. Private cloud #N includes,for example, one private availability zone 1010 c. Theordinarily-skilled person will understand that the configuration ofprivate clouds and the private availability zones is for illustrationonly. In actual fact, a private cloud could have a large number ofavailability zones, as described below. Going back to FIG. 1, one cansee that private availability zone #1 1010 a of private cloud #1 1008 acontains multiple tenants; for example, private tenants #1 and #2 1112a, 1112 b and resale tenants #1 and #2 1112 c, 1112 d. Privateavailability zone #2 contains, for example, two private tenants 1112 e,1112 i and three resale tenants 1112 f-1112 h. Private cloud #N 1008 bincludes, for example, one private availability zone 1010 c having oneresale tenant 1112 j and three private tenants 1112 k-1112 m.

In embodiments, an availability zone may be a physical instance of aprivate cloud. For example, as shown in FIG. 1, private cloud #N 1008 bis shown to contain a single availability zone. Thus, there exists onlyone physical instance of private cloud #N. On the other hand, privatecloud #1 1008 a has two availability zones 1010 a, 1010 b. Thus, thereexist two physical instances of private cloud #1 1008 a. In embodiments,each physical instance may constitute a separate data center, each indifferent locations. For example, private cloud #1 1008 a could be theprivate data cloud of a multi-national corporation having data centers,for example in North America and Asia.

It can be seen that the Composite Public Cloud 1002 may contain, forexample public availability zones #1-3 1004 a-1004 c, each of whichcontains at least one of public tenants 1006 a-1006 f. As shown, thepublic tenants in the Composite Public Cloud 1002 are virtual or logicalentities that are created by mapping resale tenants from privateavailability zones within private clouds 1-N, thereby aggregating theresale tenants to form a virtual Composite Public Cloud 1002.

It is to be understood then, that, while tenants are a logicalseparation, availability zones represent a physical separation. Thus, anavailability zone may be thought of as a super set of tenants.

In contrast to the Composite Public Cloud described herein, a publiccloud is one based on the conventional cloud computing model, in which aservice provider makes resources, such as applications and storage,available to the general public over a publicly-available network suchas the Internet. Public cloud services may be free or may be offered ona pay-per-usage model. The public cloud is exemplified by such IaaSofferings as AMAZON WEB SERVICES, which is, in effect, a public cloud,segregated into multiple data centers. Thus, when a client purchasescompute time from Amazon, he or she may specify, “I want my virtualserver to sit within the Amazon East Coast or West Coast or Europeandata center.” By placing that compute in these different availabilityzones, the client is, basically, placing that virtual machine indifferent instances of AMAZON's cloud.

Multitenancy

One of the important aspects of infrastructure as a service (IaaS) isthat it is multi-tenant, thus providing the ability to logicallysegregate computing resources from each other within the same cloud,effectively filtering traffic between different members of the samecloud and specifying rules for how that traffic should flow.

Thus, if one were to build a private cloud having fifty physicalservers, and within those fifty physical servers there were two virtualservers on each physical server, the resulting cloud would number ahundred virtual servers (on the fifty physical servers). In an exemplaryIaaS offering, the service provider might segregate that cloud into twovirtual tenants, each tenant having fifty virtual machines. From thepoint of view of cloud computing, the service provider can make rulesthat say, for example, that he would only allow Web traffic betweenthese two tenants, or only allow e-mail traffic between these twotenants. Thus, such rules can be put into place at a protocol level.

Therefore, the attribute of multi-tenancy is the basis for a marketplacein which a portion of the tenants defined within a managed private cloudcustomers are made available for resale. Thus, the multi-tenancycapability for a given private cloud allows the cloud owner to sellcompute to, for example, two or three customers via the marketplace, andto segregate those two or three customers on their own tenantspace—protecting them from each other, but also protecting the managedprivate cloud corporate customer from what amounts to foreign computecoming in through the brokerage.

One might realize based on the foregoing, that the Composite PublicCloud is, in fact, not a cloud. In one embodiment, the Composite PublicCloud is actually a portal that is constructed to have the look and feelof a public cloud. As a customer of the Composite Public Cloud, onewould visit the Composite Public Cloud portal and, for example, submit avirtual machine that one wanted pushed out to the Composite Public Cloudto be offered for sale. By means of the portal, the Composite PublicCloud provider depicts each of those managed private clouds asavailability zones in the Composite Public Cloud. Multi-tenancy and theconcept of the availability zone are, thus, extremely useful indescribing the Composite Public Cloud to prospective compute sellers andto prospective compute buyers.

Turning now to FIG. 2, shown is a schematic diagram of a private cloudaggregation platform 2000, embodiments of which serve to implement thelogical private cloud aggregation 1000 described herein above.Embodiments of the private cloud aggregation platform 2000 will includeat least one of the following components:

-   -   Meta cloud client services 2002;        -   Client API 2004: Programmatic interface providing a            super-set of the Web Interface portal;        -   Web interface 2006: Consumer-facing portal for the            consumption of public cloud compute;        -   Service routing interface 2008:    -   VM image storage service 2010: storage medium, local or remote        that holds the base images of the VMs;        -   Canonical Client VM images 2012: repository for unmodified            VM images submitted via the client portal;        -   MC converted VM image cache 2014: repository for the            resultant converted VM image, if modification is warranted            for the target private cloud            -   VM conversion service 2016: responsible for VM                transformations when destination private cloud format                differs from origin VM image format for example:            -   AMI (AMAZON MACHINE IMAGE);            -   VMDK, (VIRTUAL MACHINE DISK FORMAT);            -   OVA (OPEN VIRTUALIZATION ALLIANCE):            -   OVF (OPEN VIRTUALIZATION FORMAT);            -   QCOW2 (QEMU COPY ON WRITE 2);            -   RAW (raw hard drive image);            -   Minor VM image “fix-up” routines occur here also;        -   Convert VM type A 2018;        -   Convert VM type B 2020;    -   Message bus 2022: scalable message transport abstraction.        Handles inter-service communication and message queuing;        -   Job queue 2024 a-2024 c;    -   Market service 2030: All financial exchange data resides here.        Canonical source for global contract state. This is the system        of record when compute lots are bought/sold/traded/etc.        Inventory and pricing detail also reside here;        -   Market service API 2026;        -   Market database 2028 a-2028 b;    -   Account service 2032: canonical source for consumer/client        credentials, authentication data, permissions, entitlements.        Allows for single sign-on across Metacloud platform;        -   Account service API 2034;        -   Account DB2036 a-2036 b;    -   Coordination and orchestration service (all VM management) 2038:        intermediary between the Metacloud platform and the global        private cloud pool. Central service ultimately controls private        cloud VM state by interacting with each private cloud's local        orchestration services;        -   Initiate VM conversation 2040;        -   Start VM in private cloud 2042;        -   Stop VM in private cloud 2044;        -   Delete VM in private cloud 2046;        -   Fulfill VM trade 2048;        -   Manage job deps 2050;        -   Pol VM state 2052;        -   VM transfer/placement 2054;        -   Private cloud 1-3 1008 a-1008 c;        -   Local orchestration layer 2056 a-2056 f;        -   Availability zone 1010; and        -   Tenants 1012.

As previously indicated, the physical infrastructure of a cloud is, inessence, commodity hardware—regular physical servers, disks, storage,and network switches, with a software overlay and virtually carved up tobe presented as whatever housed within data centers of varying size,from small data centers having only a few servers to large data centershaving thousands of servers. Referring now to FIG. 3, shown is arepresentation of an exemplary data center 3000. As previouslydescribed, a single data center is ordinarily represented within thecloud as an availability zone. As shown in FIG. 3, the data center 3000includes, typically, a number of servers. Here, there are two serverracks 3004, each containing four rack servers, for a total of eightservers. Each server is a DELL POWEREDGE R701 rack server (DELL, Inc.,Roundrock Tex.). Each server, in turn, is communicatively coupled to anetwork switch 3002. Here, each network switch is a DELL FORCE 10chassis-based switch (DELL, Inc., Roundrock Tex.). Each of the switchesis communicatively coupled to the cloud 3006, either directly to theInternet or via a network such as a WAN (wide-area network).

One of ordinary skill will recognize that the above description isexemplary only. As above, a data center may house only a few servers orit may house many thousands. Additionally, because a data center may bebuilt completely from commodity hardware, there may exist thousands ofcomponent configurations using commodity hardware supplied by a vastnumber of manufacturers.

Referring back to the previous example of the fifty physical servers ina corporate private cloud, the servers are typically off-the-shelfcommodity X86 base servers. Two servers may be allocated as cloudcontrollers, tasked with the role of handling orchestration,collaboration and management of compute across the remaining servers.The remaining servers in that cloud are hypervisors. The person ofordinary skill will recognize that “hypervisor” is an industry-standardterm for software that allows for the creation of one or more virtualmachines on top of a real physical machine. In an exemplary embodiment,the hypervisor used is KVM (Kernel-based virtual machine). It will beappreciated however that other hypervisors may be used. Then each of thefifty physical servers is communicatively coupled to a commodity networkswitch, as shown in FIG. 3.

While a full virtual service-oriented infrastructure may include a widearray of technologies that provide resource aggregation, management,availability and mobility, the hypervisor may be seen as thefoundational core of virtual infrastructure.

Using the foregoing software/hardware architecture enablesvirtualization of all of the computing, allowing creation of as manyvirtual servers as desired. Additionally, network routing relationshipsbetween the different tenants may also be dynamically defined.

FIG. 4 illustrates the hardware/software architecture described hereinabove. A data center 4000 includes a number of servers 4002, 4004. Oneof the servers is allocated as a cloud controller 4004. The remainingservers 4002 are configured as hypervisors, each of them running aninstance 4010 of the hypervisor software. In turn, each of thehypervisors 4002 is configured as multiple virtual machines 4008.

As mentioned previously, the virtualization software may include a userdashboard from which customized views and user interfaces may becreated. FIGS. 5 and 6 show views created from the dashboard. FIG. 5shows a billing overview 5000 that includes a tenant billing summary5002. FIG. 6 shows a tenant summary 6000 that includes an ‘activeinstant usage summary’ 6002 and a ‘terminated instant usage summary’6004.

Referring now to FIG. 7, shown is a diagrammatic representation of amachine in the exemplary form of a computer platform 700 within which aset of instructions for causing the machine to perform any one of themethodologies discussed herein below may be executed. In alternativeembodiments, the machine may comprise a network router, a networkswitch, a network bridge, personal digital assistant (PDA), a cellulartelephone, a web appliance or any machine capable of executing asequence of instructions that specify actions to be taken by thatmachine.

The computer platform 700 includes a processor 702, a main memory 704and a static memory 706, which communicate with each other via a bus708. The computer platform 700 may further include a display unit 710,for example, a liquid crystal display (LCD) or a cathode ray tube (CRT).The computer platform 700 also includes an alphanumeric input device712, for example, a keyboard; a cursor control device 714, for example,a mouse; a disk drive unit 716, a signal generation device 718, forexample, a speaker, and a network interface device 828.

The disk drive unit 716 includes a machine-readable medium 724 on whichis stored a set of executable instructions, i.e. software, 726 embodyingany one, or all, of the methodologies described herein below. Thesoftware 726 is also shown to reside, completely or at least partially,within the main memory 704 and/or within the processor 702. The software726 may further be transmitted or received over a network 830 by meansof a network interface device 828.

In contrast to the platform 700 discussed above, a different embodimentuses logic circuitry instead of computer-executed instructions toimplement processing offers. Depending upon the particular requirementsof the application in the areas of speed, expense, tooling costs, andthe like, this logic may be implemented by constructing anapplication-specific integrated circuit (ASIC) having thousands of tinyintegrated transistors. Such an ASIC may be implemented with CMOS(complementary metal oxide semiconductor), TTL (transistor-transistorlogic), VLSI (very large scale integration), or another suitableconstruction. Other alternatives include a digital signal processingchip (DSP), discrete circuitry (such as resistors, capacitors, diodes,inductors, and transistors), field programmable gate array (FPGA),programmable logic array (PLA), programmable logic device (PLD), and thelike. It is to be understood that embodiments of this invention may beused as or to support software programs executed upon some form ofprocessing core (such as the Central Processing Unit of a computer) orotherwise implemented or realized upon or within a machine or computerreadable medium. A machine-readable medium includes any mechanism forstoring or transmitting information in a form readable by a machine,e.g. a computer. For example, a machine readable medium includesread-only memory (ROM); random access memory (RAM); magnetic diskstorage media; optical storage media; flash memory devices; electrical,optical, acoustical or other form of propagated signals, for example,carrier waves, infrared signals, digital signals, etc.; or any othertype of media suitable for storing or transmitting information.Additionally, a “machine-readable medium” may be understood to mean a“non-transitory” machine-readable medium.

In the foregoing specification, the invention has been described withreference to specific exemplary embodiments thereof. It will, however,be evident that various modifications and changes may be made theretowithout departing from the broader spirit and scope of the invention asset forth in the appended claims. The specification and drawings are,accordingly, to be regarded in an illustrative sense rather than arestrictive sense.

1. A system for creating a composite public cloud in a cloud-computing environment comprising: a processor coupled to a bus; and a non-transitory machine-readable medium coupled to the bus, the non-transitory machine-readable medium including instructions for: creating a plurality of tenants in at least one availability zone of at least one private cloud, wherein an availability zone comprises a physical instance of the private cloud, and wherein a tenant comprises a virtual representation of certain compute resources situated within an availability zone; allocating a portion of the tenants as resale tenants; associating a description with each resale tenant, wherein the description describes an associated resale tenant according to a corresponding grace period; and aggregating one or more of the resale tenants into a composite public cloud.
 2. The system of claim 1, wherein for the corresponding grace period, a longer grace period corresponds to a higher market value.
 3. The system of claim 1, wherein the physical instance comprises a plurality of servers and associated storage, each of the servers having resident thereon an instance of a hypervisor application, the hypervisor application operative to virtualize the server so that each server is represented as at least one virtual machine; and wherein a tenant comprises at least one virtual machine.
 4. The system of claim 1, wherein the aggregating one or more of the resale tenants into a composite public cloud comprises: registering at least one resale tenant on a facility for transferring commoditized excess compute resources, mapping each of the at least one resale tenant to a public tenant within a public availability zone in a virtualized public cloud, and publishing the description of the registered resale tenant.
 5. The system of claim 1, wherein associating a description to each resale tenant further includes any of a start of availability, a cost, and a minimal duration.
 6. The system of claim 1, wherein the non-transitory machine-readable medium further includes instructions for: logically segregating computing resources from each other within the same cloud, to filter traffic between different members of the same cloud; and specifying rules for how that traffic should flow.
 7. The system of claim 1, the non-transitory machine-readable medium further includes instructions for: establishing a portal for buying and selling commoditized excess compute resources; automatically matching buyers and sellers through the portal; and facilitating trading of commoditized excess compute resources.
 8. A method implemented on a computer for creating a composite public cloud in a cloud-computing environment, the method comprising: creating a plurality of tenants in at least one availability zone of at least one private cloud, wherein an availability zone comprises a physical instance of the private cloud and wherein a tenant comprises a virtual representation of certain compute resources situated within an availability zone; allocating a portion of the tenants as resale tenants; associating a description with each resale tenant, wherein the description describes at least one resale tenant according to a corresponding grace period; and aggregating at least some of the resale tenants into a composite public cloud.
 9. The method of claim 8, wherein for the corresponding grace period, a longer grace period corresponds to a higher market value.
 10. The method of claim 8, wherein the physical instance comprises a plurality of servers and associated storage, each of the servers having resident thereon an instance of a hypervisor application, the hypervisor application operative to virtualize the server so that each server is represented as at least one virtual machine; and wherein a tenant comprises at least one virtual machine.
 11. The method of claim 8, wherein aggregating at least some of the resale tenants into a composite public cloud comprises: registering at least one resale tenant on a portal for trading computing resources; mapping the at least some resale tenants to a public tenant within a public availability zone in the composite public cloud; and publishing the description of the registered resale tenant.
 12. The method of claim 8, wherein associating a description with each resale tenant further comprises: describing each of the resale tenants according to one or more predetermined attributes including any of start of availability, cost, and minimal duration.
 13. The method of claim 8, further comprising: logically segregating computing resources from each other within the same cloud, to filter traffic between different members of the same cloud; and specifying rules for how that traffic should flow.
 14. The method of claim 8, the memory further comprising: establishing a portal for buying and selling commoditized excess compute resources; matching buyers and sellers through the portal; and facilitating trading of commoditized excess compute resources.
 15. A method implemented on a computer, comprising: creating a plurality of tenants in at least one availability zone of at least one private cloud, wherein an availability zone comprises a physical instance of the private cloud, and wherein each of the tenants comprises a virtual representation of corresponding compute resources situated within an availability zone; allocating a portion of the tenants as resale tenants; associating a description with each resale tenant; and aggregating the resale tenants having the associated descriptions to form a composite public cloud, wherein the aggregating includes mapping the resale tenants having the associated description to a public tenant within a public availability zone in a virtualized public cloud; and publishing the descriptions of the associated resale tenants.
 16. The method of claim 15, wherein the description includes a grace period corresponding to each of the resale tenants.
 17. The method of claim 16, wherein for the corresponding grace periods, a longer grace period corresponds to a higher market value.
 18. The method of claim 15, wherein the physical instance comprises a plurality of servers and associated storage, each of the servers having resident thereon an instance of a hypervisor application, the hypervisor application operative to virtualize the server so that each server is represented as at least one virtual machine; and wherein a tenant comprises at least one virtual machine.
 19. The method of claim 15, wherein associating a description with each resale tenant comprises: describing each of the resale tenants according to one or more predetermined attributes including any of start of availability, cost, and minimal duration.
 20. The method of claim 15, further comprising: logically segregating computing resources from each other within the same cloud, to filter traffic between different members of the same cloud; and specifying rules for how that traffic should flow.
 21. The method of claim 15, the memory further comprising: establishing a portal for buying and selling commoditized excess compute resources; matching buyers and sellers through the portal; and facilitating trading of commoditized excess compute resources. 